Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Security vulnerability httpoxy

Discussion in 'EasyApache' started by constella, Jul 18, 2016.

  1. constella

    constella Registered

    Joined:
    Nov 29, 2012
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hi,

    Do you know if the last WHM server is vulnerable with the httpoxy set of vulnerability?
    • CVE-2016-5385: PHP
    • CVE-2016-5386: Go
    • CVE-2016-5387: Apache HTTP Server
    • CVE-2016-5388: Apache Tomcat
    • CVE-2016-1000109: HHVM
    • CVE-2016-1000110: Python
     
    #1 constella, Jul 18, 2016
    Last edited by a moderator: Jul 18, 2016
  2. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    113
    Likes Received:
    3
    Trophy Points:
    68
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    We have a nice, new vulnerability website to check out.

    Should we use Apache's recommended solution on our WHM servers?

    Code:
    The two lines below enabled in the httpd.conf file will remove the "Proxy:"
header from all incoming requests, before further processing;
    LoadModule headers_module {path-to}/mod_headers.so
    RequestHeader unset Proxy early
     
    #2 grayloon, Jul 19, 2016
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,402
    Likes Received:
    1,953
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 cPanelMichael, Jul 19, 2016
    eva2000 likes this.
(You must log in or sign up to post here.)
Loading...
Similar Threads - Security vulnerability httpoxy
  1. lorio

    SOLVED Critical Exim Security Vulnerability

    lorio, Nov 27, 2017, in forum: E-mail Discussion
    Replies:
    14
    Views:
    1,770
    cPanelMichael
    Jan 24, 2018
  2. vacancy

    Cloudflare Security Vulnerability

    vacancy, Feb 24, 2017, in forum: Security
    Replies:
    1
    Views:
    697
    cPanelMichael
    Feb 27, 2017
  3. kamranonline

    New Thread curl error on OWASP ModSecurity Core Rule Set V3.0 installation

    kamranonline, Dec 10, 2018 at 5:57 AM, in forum: Security
    Replies:
    0
    Views:
    68
    kamranonline
    Dec 10, 2018 at 5:57 AM
  4. Elizabeta

    Email about kernel updates and security advisor result different

    Elizabeta, Nov 28, 2018, in forum: Security
    Replies:
    4
    Views:
    322
    cPanelMichael
    Nov 30, 2018
  5. Gojko

    HTTPD conflict with mod_security?

    Gojko, Nov 20, 2018, in forum: EasyApache
    Replies:
    2
    Views:
    136
    rpvw
    Nov 21, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice